3

Background

Telegram Messenger offers an "End-to-End" encrypted channel, with their home brewed MTProto, called Secret Chat.

They have "Link Previews" by default in all modes, but Secret Chats, in which the servers are able to generate a preview and a summary by crawling the link, to display that information to the end user.

Problem

Recently, they added a new option in settings to enable a "feature" called "Link Previews" in which every link in Secret Chats is also crawled and info is displayed. They produced a one-time dialogue inside of my Secret Chats, that prevented me from taking a screenshot of it, saying whether I'd like to enable that or not.

Seeing as End-to-End encryption would no longer apply if they can see my Secret Chat links to crawl them, I'll give them -for the hundredth time- the benefit of the doubt and simply ask how do they do it?

Extras

One option that comes to mind is by crawling the links from inside the Telegram client on the user's device instead of crawling them with their -proprietary, mind you- servers.

That is the least creepy/flawed design I can think of, but even that means they are also able to simply set their client to send the client's Secret Chat log to anyone they so choose; if this implementation of Link Previews went unnoticed, then I don't see why keylogging would be any different if developers aren't interested in Telegram enough to review its code changes to their Open Source client.

Improve this question

1 Answer 1

Reset to default
2

how do they do it?

From here (http://telegram.wiki/tips:linkparsing) it is clear that the links themselves are sent to the server to be parsed.

Therefore, they probably parse locally your secret text on client side to find links (not that hard to isolate links from the rest of the text) and send only those to the server, as is done in any other (non secret) chat.

As far as I can understand from their docs, they do it on the senders side. After you hit send, it goes encrypted to the other side. Therefore, the server side will not be sure if you did sent that link to anyone, if it was on a secret or non secret chat or just fetched the preview and canceled the message sending.

but even that means they are also able to simply set their client to send the client's Secret Chat log to anyone they so choose;

You are right, nothing stops them from doing this if you do not trust that the client does not have a backdoor for that. But that is not related to Link previews. Even without anything like this, the simple fact that they do need to parse the unencrypted messages for displaying it to you is already a point where they could capture and send anything to a third party. The encryption end-to-end is only until it leaves one phone and gets to the other. Not before and after that. You type unencrypted data and read unencrypted data.

What this could add is a possible point of failure, ex some specially crafted link could exploit a bug and leak more than the URL. But if it is well implemented, it just leaks the URL, that you should allow it to do for the sake of using this resource.

IMHO, they should simply not add this functionality to secret chats. I dont think most users will understand exactly how much is not secret anymore when using it.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .